Lege Trend: Higher Health Care Data Privacy Standards

Go Back
March 2, 2015

Connecticut’s SB1024 applies higher data privacy standards on health care providers, by establishing regulations through the department of insurance.

Which health care entities are affected?

health insurers
HMOs
“other entities licensed to do health insurance business in Connecticut,”
pharmacy benefits managers
third-party administrators that administer health benefits
utilization review companies

What are these health care businesses required to do?

encrypt health care data that it maintains

What personal information information are health care entities required to encrypt?

individual’s first name or initial and last name in combination with one or more of the following:
Social Security number
driver’s license number
address
or identifiable health information

The 2015 CT bill follows in the path of the New Jersey health care data privacy bill.